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Abstract. The logic FO(ID) uses ideas from the field of logic program- 
ming to extend first order logic with non-monotone inductive definitions. 
Such logic formally extends logic programming, abductive logic program- 
ming and datalog, and thus formalizes the view on these formalisms as 
logics of (generalized) inductive definitions. The goal of this paper is to 
study a deductive inference method for PC(1D), which is the propositional 
fragment of FO(ID). We introduce a formal proof system based on the se- 
quent calculus (Gentzen-style deductive system) for this logic. As PC(1D) 
is an integration of classical propositional logic and propositional inductive 
definitions, our sequent calculus proof system integrates inference rules for 
propositional calculus and definitions. We present the soundness and com- 
pleteness of this proof system with respect to a slightly restricted fragment 
of PC(ID). We also provide some complexity results for PC(1D). By devel- 
oping the proof system for PC(1D), it helps us to enhance the understanding 
of proof-theoretic foundations of FO(ID), and therefore to investigate useful 
proof systems for FO(ID). 



1 Introduction 

In this paper, we study deductive methods for the propositional fragment of FO(ID) 
|14j . To motivate this study, we need to say a few words about the origin and the 
motivation of FO(ID). 

Perhaps the two most important knowledge representation paradigms of the mo- 
ment are on the one hand, classical logic-based approaches such as description logics 
[2], and on the other hand, rule-based approaches based on logic programming and 
extensions such as Answer Set Programming and Abductive Logic Programming 
|3I24) . The latter disciplines are rooted firmly in the discipline of Non-Monotonic 
Reasoning [32 . FO(ID) integrates both paradigms in a tight, conceptually clean 
manner. The key to integrate "rules" into classical logic (FO) is the observation that 
natural language, or more precisely, the informal language of mathematicians, has 
an informal rule-based construct: the construct of inductive/recursive definitions 
(IDs). 

In Figure Q] and Figure [U we displayed two prototypical examples of the most 
common forms of inductive definitions in mathematics: monotone ones, respectively 
definitions by induction over a well-founded order. As seen in these figures, both 



Definition 1. The transitive closure Tg of a directed graph G is defined by induction: 

- (x, y) G T G if {x, y) G G; 

- (x, y) € Tg if for some vertex z, (x,z) € Tg and (z,y) € Tg- 

Fig. 1. Definition of Transitive closure 

Definition 2. The satisfaction relation \= between o -interpretations I and propositional 
formulas over o is defined by structural induction: 

- I \= p if p is an atom and p 6 I , 

- I\=ipA<j)ifI\=ip and I \= </>, 

- I\=ipV<j>ifI\=il>orI\=<f>, 

- I h-V ifl£1>. 

Fig. 2. Definition of satisfaction 

are frequently represented as a set of informal rules. These two forms of inductive 
definitions are generalized by the concept of iterated inductive definitions (IID) [6]. 
Inductive definitions define their concept by describing how to construct it through 
a process of iterated application of rules starting from the empty set. Definitions 
by induction over a well-founded order are frequently non-monotone, as illustrated 
by the non-monotone rule "I |= if / ^= ip" which derives the satisfaction of ->ij) 
given the non-satisfaction of 

Of course, a definition is not just a set of material implications. Thus, a sen- 
sible scientific research question is to design a uniform, rule-based formalism for 
representing these forms of definitions. Such a study is not only useful as a formal 
logic study of the concept of inductive definition but it contributes to the under- 
standing of rule-based systems and thus, to the study of the (formal and informal) 
semantics of logic programming and the integration of classical logic-based and 
rule-based approaches to knowledge representation. 

Iterated inductive definitions have been studied in mathematical logic [6] but 
the formalisms there are not rule-based and require an extremely tedious encoding 
of rules and well-founded orderings into one complex formula [14j . In several papers 
|11|12|14] . it was argued that, although unintended by its inventors, the rule-based 
formalism of logic programming under the well-founded semantics |20j and its ex- 
tension to rules with FO-bodies in [19] correctly formalizes the above mentioned 
forms of inductive definitions. Stated differently, if we express an informal inductive 
definition of one of the above kinds into a set of formal rules 

Vx(P(t) <- <t>) 

then the informal semantics of the original definition matches the well-founded 
semantics of the formal rule set. E.g., in a well-founded model of the following 
"literal" translation of the definition in Figure [T] 

(Vx,y (T G (x,y) <- G(x,y)) 1 
\Vx,y (T G (x,z) <- (3z T G (x,y) A T G (y, z))) J 



Tq is interpreted as the transitive closure of the graph interpreting G. A similar 
claim holds for the literal translation of the definition of |= in Figure [21 Thus, 
the rule formalism under the well-founded semantics provides the desired uniform 
syntax and semantics for representing the above mentioned forms of inductive def- 
inition construct. 

There are several good arguments to integrate the above inductive definition 
construct (and hence, this generalized form of logic programming under the well- 
founded semantics) into FO. (1) FO and definitions are complementary KR lan- 
guages: FO is a base language very suitable for expressing propositions, assertions 
or constraints while it is well-known that, in general, inductive definitions cannot 
be expressed in FO [25] . (2) Definitions are important for KR. In the case of non- 
inductive definitions, their use for defining terminology was argued long time ago in 
Brachman and Levesque's seminal paper [5] and was the motivation for developing 
description logics [2J. As for inductive definitions, they are quite likely as important 
to declarative Knowledge Representation as recursive functions and procedures are 
to programming. Applications of inductive definitions abound in KR: various in- 
stances of transitive closure, definitions of recursive types and of concepts defined 
over recursive types, descriptions of dynamic worlds through definitions of states in 
terms of past states and effects of actions, etc. In |13j . a formalization of situation 
calculus in terms of iterated inductive definitions in FO(ID) yields an elegant and 
very general solution for the ramification problem in the context of the situation 
calculus. (3) Inductive definitions are also an interesting Non-Monotonic Reasoning 
language construct. A logic is non-monotonic if adding new expressions to a theory 
may invalidate previous inferences. Obviously, adding a new rule to an inductive 
definition defines a different set and hence, this operation may invalidate previ- 
ous inference^]. One of the main non-monotonic reasoning principles is the Closed 
World Assumption (CWA) [35]. The intuition underlying CWA is that "an atom is 
false unless it can be proven" . This matches with an inductive definition in which a 
defined atom P(t) is false unless it is explicitly derived by one of its rules P(t) <— ip 
during the construction process. Hence, inductive definitions can be viewed as a 
very precise and well-understood form of Closed World Assumption. Moreover, it is 
well-known that rule formalisms under CWA can be used to represent many useful 
forms of defaults. The correspondence between CWA and inductive definition con- 
struct implies that the methodologies to represent defaults developed in, e.g., logic 
programming, can be used in an inductive definition formalism as well. Domain 
Closure [31] is another important non-monotonic reasoning principle that can be 
expressed through inductive definitions [14] . 

All the above provides a strong motivation for adding inductive definitions to 
FO. Thus, the resulting logic FO(ID) extends FO not only with an inductive defi- 
nition construct but also with an expressive and precise non-monotonic reasoning 
principle. Not surprisingly, the logic FO(ID) is strongly tied to many other log- 
ics. It is an extension of FO with inductive definitions and a conceptually clean 
integration of FO and LP. It integrates monotonic and non-monotonic logics. The 

3 Observe that the concept of (non-)monotonicity is used here in two different ways. 
Adding a rule to a monotone inductive definition is a non-monotonic reasoning opera- 
tion. 



inductive definition construct of FO(ID) formally generalizes Datalog [T]: this is 
a natural match, given that Datalog programs aim to define queries and views. 
FO(ID) is also strongly related to fixpoint logics. Monotone definitions in FO(ID) 
are a different -rule-based- syntactic sugar of the fixpoint formulas of Least Fix- 
point Logic (LFP) 33 34]. Last but not least, FO(ID), being a conceptually clean, 
well-founded integration of rules into classical logic, might play a unifying role in 
the current attempts of extending FO-based description logics with rules [35]. It 
thus appears that FO(ID) occupies quite a central position in the spectrum of 
computational and knowledge representation logics. 

Several attempts to build inference systems for FO(ID) are underway. One line 
of research is the development of finite model generators [28 27 29 39] . They have 
similar applications and speed as current Answer Set Programming solvers [17116] . 
However, in this paper we study a more traditional form of inference: deduction. 
As for every formal logical system, the development of deductive inference methods 
for FO(ID) is an important research topic. There is no hope of course to build a 
complete proof system of FO(ID). Indeed, inductive definability leads to undecid- 
ability, not even semi-decidability. As such, the task we set out for this paper is 
restricted to the development of a sound proof system and a decidable fragment of 
FO(ID). 

The goal of this paper is to extend the propositional part of Gentzen's sequent 
calculus to obtain a proof system for PC(ID), the propositional fragment of FO(ID). 
We view our work as an initial investigation to build proof systems for (fragments 
of) FO(ID). In proof theory, Gentzen's sequent calculus LK [21136] is a widely 
known proof system for first order logic. The sequent calculus is well-suited to a 
goal-directed approach for constructing logical derivations. The advantage of the 
method is its theoretical elegance and the fact that it focuses the proof search, with 
applicable proof rules constrained by logical connectives appearing in the current 
goal sequent. Our work is inspired by the one of Compton, who used sequent 
calculus (Gentzen-style deductive system) methods in [718] to investigate sound 
and complete deductive inference methods for existential least fixpoint logic and 
stratified least fixpoint logic. Existential least fixpoint logic, as described in [7], is a 
logic with a least fixpoint operator but only existential quantification and stratified 
least fixpoint logic, as shown in [5J, is a logic with a least fixpoint operator and 
characterizes the expressibility of stratified logic programs. Indeed, these two logics 
without nested least fixpoint expressions can be viewed as fragments of FO(ID). 

The contributions of this paper can be summarized as follows: 

1. We introduce a sequent calculus for PC (ID). 

2. We prove that the deductive system is sound and complete for a slightly re- 
stricted fragment of PC(ID). 

3. We provide some complexity results for PC(ID). 

By developing a proof system for PC(ID), we want set a first step to enhance 
the understanding of proof-theoretic foundations of FO(ID). One application of 
this work could be for the development of tools to check the correctness of the 
outputs generated by PC(ID) model generators such as MiniSat(ID) |29j . Given a 
PC(ID) theory T as input, such a solver outputs a model for T or concludes that 



T is unsatisfiable. In the former case, an independent model checker can be used 
to check whether the output is indeed a model of T. However, when the solver 
concludes that T is unsatisfiable, it is less obvious how to check the correctness 
of this answer. One solution is to transform a trace of the solvers computation 
into a proof of unsatisfiability in a PC (ID) proof system. An independent proof 
checker can then be used to check this formal proof. Model and proof checkers can 
be a great help to detect bugs in model generators. An analogous checker for the 
Boolean Satisfiability problem (SAT) solvers was described in |40) . 

On the longer run, we view our work also as a first step towards the development 
of proof systems and decidable fragments of FO(ID). A potential use of this is in the 
field of description logics. Deductive reasoning is the distinguished form of inference 
of Description Logics. Given the efforts to extend Description Logics with rules and 
the fact that FO(ID) offers a natural, clean integration of a very useful form of rules 
in FO, it seems that research on decidable fragments of FO(ID) could play a useful 
role in that area. 

The structure of this paper is as follows. We introduce PC(ID) in Section [2j 
We present a sequent calculus proof system for PC (ID) in Section [3] The main 
results of the soundness and completeness of the proof system are investigated in 
Sectional We provide some complexity results for PC(ID) in Section [5] We finish 
with conclusions, related and future work. 

2 Preliminaries 

In this section, we present PC(ID), which is the propositional fragment of FO(ID) [14] . 
Observe that PC(ID) is an extension of propositional calculus (PC) with proposi- 
tional inductive definitions (IDs). 

2.1 Syntax 

A propositional vocabulary r is a set of propositional atoms. A formula of propo- 
sitional calculus over r, or briefly, a PC-formula over r, is inductively defined as: 

— an atom in r is a PC-formula over r; 

— if F is a PC-formula over r, then so is -iF 1 ; 

— if F\,Fi are PC- formulas over r, then so are F\ A i*2 and F\ V F2. 

We use the following standard abbreviations: F± D F2 for -1F1 VF2 and Fi = F% 
for (Fi A F2) V (-".Ft A -1F2). A literal is an atom P or its negation -»P. An atom 
P has a negative (positive) occurrence in formula F if P has an occurrence in the 
scope of an odd (even) number of occurrences of the negation symbol -1 in F. 

A definition D over r is a finite set of rules of the form: 

P<-tp, 

where Per and <p is a PC-formula over r. Note that the symbol is a new 
symbol, which must be distinguished from (the inverse of) material implication D. 
For a rule of the above form, the atom P is called the head of the rule while ip 



is known as its body. An atom appearing in the head of a rule of D is called a 
defined atom of D, any other atom is called an open atom of D. We denote the 
set of defined atoms by t% and that of all open ones by Tq. We call a definition 
D positive if its defined symbols have only positive occurrences in rule bodies (i.e., 
occur in the scope of an even number of negation symbols). 

D is called inductive or recursive in predicate P if its dependency relation -< 
satisfies P -< P. Here, the dependency relation -< of D on r is the transitive closure 
of the set of all pairs (Q, P) such that for some rule P <— ip G D, Q occurs in <p. The 
intended informal semantics of a formal definition D is given by understanding it as 
a -possibly inductive- definition of the defined symbols in terms of the open symbols. 
This understanding is clear in case of positive definitions and the corresponding 
formal semantics is obvious. In the next sections, we consider how this view extends 
to arbitrary non-positive definitions. 

A PC(ID)-formula over r is defined by the following induction: 

— an atom in r is a PC(ID)-formula over r; 

— a definition over r is a PC(ID)-formula over r; 

— if F is a PC(ID)-formula over t, then so is ->F; 

— if F±,F2 are PC(ID)-formulas over t, then so are i 7 ! A F2 and Fi V F2. 

A PC(ID) theory over r is a set of PC(ID)-formulas over r. 

Any definition containing multiple rules with the same atom in the head can 
be easily transformed into a definition with only one rule per defined atom. We 
illustrate this by the following example. 

Example 1. The following definition 



As we mentioned in Section [U monotone definitions in FO(ID) are a different 
-rule-based- syntactic sugar of the fixpoint formulas of Least Fixpoint Logic (LFP). 
We now illustrate the relation between a propositional inductive definition and a 
propositional least fixpoint expression in fixpoint logics. 

A propositional least fixpoint expression is of the form: 



where for each i 6 [1, . . . , n], Pi is a propositional atom, 6i is either a propositional 
formula or a propositional least fixpoint expression, ip is either a propositional 
formula or a propositional least fixpoint expression, and Pi occurs only positively 
in Oi and ip. Note that the subformulas tj},9i, . . . ,6 n of a least fixpoint expression 
[LFPpj_ p n (9i, . . . ,0 n )]tp may contain least fixpoint expressions. Indeed, nesting 




is equivalent to this one: 



{ 



P (Oi AQ)VP 
Q «- (Q A P) V 2 



[LFP Pu ...,p n (6 1 ,...,6 n )}i>, 



of least fixpoint expressions is allowed in fixpoint logics. But nesting of definitions 
is not allowed in PC (ID). All sub-formulas 6\, . . . , 9 n of an unnested least fixpoint 
expression contain only positive occurrences of each atom Pj. It is worth mention- 
ing that the unnested least fixpoint expression [LFPp lt , ^p ri (6i, . . . ,O n )]tp, where 
6\, . . . , 6 n , tp may not contain least fixpoint expressions, corresponds exactly to the 
second order PC(ID)-formula 



However, such a correspondence does not hold for nested least fixpoint expressions 
since only PC-formulas are allowed as bodies of rules in definitions. 

In summary, the differences between the definition construct and the fixpoint 
definitions are: 

— The fixpoint notation is formula-based and defines predicate variables with 
scope restricted to the fixpoint expression while a definition construct is rule- 
based and defines predicate constants. (These are "syntactic sugar" differences.) 

— Fixpoint expressions can be nested while definitions cannot. On the other hand, 
in fixpoint expressions, the defined variables can occur only positively in the 
defining formulas, while in definitions, the defined predicates can occur nega- 
tively in rule bodies. 

The relation between definitions and LFP are investigated in [23J. 
2.2 Semantics 

In this section, we formalize the informal semantics of the two most common forms 
of inductive definition, monotone inductive definitions (e.g., the definition of transi- 
tive closure, Figure [1} and definitions over a well-founded order (e.g., the definition 
of the satisfaction relation |=, Figure [2j, and their generalization, the notion of an 
iterated inductive definition. These informal types of definitions might be roughly 
characterized as follows: 

— The rules of a monotone inductive definition of a set add objects to the defined 
set given the presence of certain other objects in the set. 

— For an inductive definition over some (strict) well-founded order, a rule adds an 
object x given the presence or absence of certain other strictly smaller objects 
in the set. 

— Finally, an iterated inductive definition is associated with a well-founded semi- 
order □ such that each rule adds an object x given the presence of some other 
less or equivalent objects in the defined set and the absence of some strictly less 
objects. 

4 A semi-order < is a transitive reflexive binary relation. Two elements x, y are <- 
equivalent if x < y and y < x, and x is strictly less than y if x < y and y x 
are not equivalent. A semi-order is well-founded if it has no infinite strictly descending 
chains xo > x\ > X2 > ■ ■ ■ ■ 




According to this characterizations, iterated inductive definitions generalize the 
other types. Non-monotonicity of the two latter types of definitions stem from rule 
conditions that refer to the absence of objects in the defined set (as in the condition 
of "I \= -ii/j if I \£ tp" ) . Adding a new element to the set might violate a condition 
what was previously satisfied. For an extensive argument how the well-founded 
semantics uniformally formalizes these three principles, we refer to [12I14] . Below, 
we just sketch the main intuitions. 

As we all know, the set defined by any of the aforementioned forms of inductive 
definitions can be obtained constructively as the limit of an increasing sequence 
of sets, by starting with the empty set and iteratively applying unsatisfied rules 
until saturation. A key difference between monotone definitions and non-monotone 
inductive definitions is that in the first, once the condition of a rule is satisfied 
in some intermediate set, it holds in all later stages of the construction. This is 
not the case for non- monotone inductive definitions. E.g., in the construction of 
|=, the set of formulas tp for which the condition of the rule "J |= -ii/j if I ^ tp" 
holds, initially contains all formulas and gradually decreases. As a consequence, 
the order of rule applications is arbitrary for monotone inductive definitions but 
matters for non-monotone definitions. There, it is critical to delay application of 
an unsatisfied rule until it is certain that its condition will not be falsified by later 
rule applications. This is taken care of by applying the rules along the well-founded 
order provided with the definition (e.g., the subformula order in the definition of 
|=). In particular, application of a rule deriving some element x is delayed until no 
unsatisfied rule is left deriving a strictly smaller object y < x. 

It would be rather straightforward to formalize this idea for PC (ID) if it was not 
that a PC(ID) definition D does not come with a explicit order. Fortunately, there 
is a different way to make sure that a rule can be safely applied, i.e., that later rule 
applications during the inductive process will not falsify its condition. To do this, 
we need to distinguish whether a defined atomic proposition has been derived to be 
true, to be false or is still underived. E.g., once I |= tp is derived to be true, we can 
safely apply the rule for disjunctions and derive I \= tp \/ <p to be true, even I \= (p 
is still underived. Likewise, we can safely derive I Y= tp A cp as soon as we found out 
I Y= tp. Applying this criterion relies on the ability to distinguish whether a defined 
atomic proposition (such as "7 |= tp") has been derived to be true, to be false 
or is still underived, and whether a rule condition is certainly satisfied, certainly 
dissatisfied or still unknown in such state. This naturally calls for a formalization 
of the induction process in a three- valued setting where intermediate stages of the 
set in construction are represented by three- valued sets instead of two- valued sets, 
and rules are evaluated in these three- valued sets. 

Below we present the formalization of the well-founded semantics introduced 
in [TS]. Compared to the original formalizations in |20ll9j . it is geared directly at 
formalizing the inductive process as described above, using concepts of three- valued 
logic. We start its presentation by recalling some basic concepts of three-valued 
logic. 

Consider the set of truth values {t, f , u}. The truth order < on this set is induced 
by f < u < t and the precision order < p is induced by u < p f and u < p t. Define 
f" 1 = t, u" 1 = u and t" 1 = f. 



Let r be a propositional vocabulary. A three- valued r-interpretation, also called 
a r- valuation, is a function I from r to the set of truth values {t, f, u}. An interpre- 
tation is called two- valued if it maps no atoms to u. Given two disjoint vocabularies 
r and r', a r-interpretation I and a r'-interpretation J', the r U r'-interpretation 
mapping each element P of r to I(P) and each P 6 r' to /'(-P) is denoted by 7+ J'. 
When r' C r, we denote the restriction of a r-interpretation I to the symbols of r' 
by 7| T '. For a r-interpretation /, a truth value v and an atom P G r, we denote by 
/[-P/f] the r-interpretation that assigns v to P and corresponds to I for all other 
atoms. We extend this notation to sets of atoms. Both truth and precision order 
can be extended to an order on all r-interpretations by / < J if for each atom 
Per, I(P) < J{P) and I < p J if for each atom Per, I(P) < p J(P). 

A three-valued interpretation I on r can be extended to all PC-formulas over 
r by induction on the subformula order: 

- P 1 = I(P) if P G r; 

- (if A ip) = mm^y,^}); 

- (if V ip) 1 = mai<({/, ip 1 })] 

i^Y = {^)-\ 

The following proposition states a well-known monotonicity property with re- 
spect to the precision order. 

Proposition 1. Let if be a PC-formula over r and I, J be three-valued r -interpretations 
such that I < p J. Then if 1 < p ip . 

Another well-known proposition states a monotonicity property with respect to 
the truth order. 

Proposition 2. Let if be a PC-formula over r and I, J be three-valued r-interpretations 
such that if P 1 < P J , then P only occurs positively in ip and if P 1 > P J then P 
only occurs negatively in if. Then if 1 < if J . 

The above properties about the precision and truth order will be applied fre- 
quently in the proofs in Section 3] For brevity, we will not mention them explicitly 
in the remainder of the paper. 

We now define the semantics of definitions. Let D be a definition over r and 
Lo a two- valued r^-interpretation, i.e., an interpretation of all open symbols of D. 
Consider a sequence of three- valued r-interpretations (I n ) n >o extending 1q such 
that I°(P) = u for every P G r^,, and for every natural number n, I n+1 relates to 
I n in one of the following ways: 

1. I n+1 = I n [P/t] where P is a defined atom such that P 1 — u and for some 
rule P <- if e D, if 1 " = t. 

2. I n+1 = I n [U/f], where U is a non-empty set of defined atoms, such that for 
each P G U, T n (P) — u and for each rule P if E D, if 1 + = f . 

The first derivation rule [T] derives true atoms and is a straightforward for- 
malization of the principle explained in the beginning of this section. The second 
derivation rule [5] is less obvious and serves to derive falsity of defined atoms. Let 
us first consider a more obvious special case that is subsumed by rule [5J 



3. I n+1 = I n [P/{] where P is a defined atom such that I n (P) = u and for each 
rule P <r- p e D, ip 1 " = f . 

This rule expresses that if the body of each rule that could derive P is certainly 
false at stage n, then P can be asserted to be false at stage n + 1. This is a special 
case of the rule [U Indeed, taking U = {P}, we have for each P <p £ D that 



The stronger derivation rule [H expresses that the atoms in a set U consisting 
of underived defined atoms can be turned to false if the assumption that they 
are all false suffices to dissatisfy the condition of each rule that could produce an 
element of U. A set U as used in this rule corresponds exactly to an unfounded 
set as defined in |20j . The rationale behind this derivation rule and the link with 
informal induction is that when U is an unfounded set at stage n then none of its 
atoms can be derived anymore at later stages of the construction process (using 
derivation rule[lj. To see this, assume towards contradiction that at some later 
stage > n, one or more elements of U could be derived to be true, and let P be 
the first atom that could be derived, say at stage m > n. At stage m, it holds 
for each Q 6 U that I m {Q) = u and for some rule P <— <p £ D, ip 1 = t. But 



I n [U/f] < p I m [U/{] > p I m and hence, f = ip^VM < p tp^VW > p tp 1 ™ = t and 



this yields a contradiction. Thus, the derivation rule [2] correctly concludes that the 
atoms in U are no longer derivable through rule application. This derivation rule 
is needed to derive, e.g., falsity of all atoms not in the least fixpoint of a monotone 
definition, which is something that cannot be derived in general by the rule El 

We call a sequence as defined above a well-founded induction. A well-founded 
induction is terminal if it cannot be extended anymore. It can be shown that each 
terminal well-founded induction is a sequence of increasing precision and its limit 
is the well-founded partial interpretation of D extending Iq |15) . We denote the 
well-founded partial interpretation of D extending Iq by Iq . 

We define that D 1 = t if I = (J| T o) and / is two- valued. Otherwise, we define 
D 1 = f . Adding this as a new base case to the definition of the truth function of 
formulas, we can extend the truth function inductively to all PC(ID)-formulas. 

We are now ready to define the semantics of PC(ID). For an arbitrary PC(ID)- 
formula ip, we say that an interpretation / satisfies ip, or / is a model of ip, if I is 
two-valued and ip 1 — t. As usual, this is denoted by / |= ip. I satisfies (is a model 
of) a PC(ID) theory T if I satisfies every p e T. 

A definition lays a functional relation between the interpretation of the defined 
symbols and those of the open symbols. In particular, two models of a definition 
differ on the open symbols. A model of a monotone definition is the <-least inter- 
pretation satisfying the rules of the definition (interpreted as material implications) 
given a fixed interpretation of the open symbols, as desired. Also, the semantics of 
PC (ID) is two- valued and extends the standard semantics of propositional logic. 
A three-valued interpretation I is never a model of a definition, not even if it is a 
well-founded partial interpretation of the definition. 

Example 2. Consider the following definition: 



f = ip r < p ip 



= <p- 



= f. 




Then t£, = and rg = {P,Q}. There are no open symbols and there is only one 
model of D, namely the interpretation mapping both P and Q to f. 

2.3 Where the informal semantics breaks 

The informal semantics of a PC(ID) rule set as an inductive definition breaks in 
some cases. Examples are non-monotone rule sets with recursion over negation such 
as 



Their (unique) well-founded partial interpretation is not two-valued, and hence, 
these definitions have no model and are inconsistent in PC (ID). 

The restriction to two- valued well-founded partial models was imposed to en- 
force the view that a well-designed definition D ought to define the truth of all its 
defined atoms, i.e., the inductive process should be able to derive truth or falsity 
of all defined atoms. This motivates the following concept. 

Definition 3 (Totality, [14]). Let Io be a two-valued interpretation ofr^. A def- 
inition D is total in I if Iq is two-valued. The definition D is total in the context 
of a theory T if D is total in M\ T a , for each model M ofT. A definition D is total 
if it is total in every two-valued interpretation Io of its open atoms. 

A simple and very general syntactic criterion that guarantees that a definition 
is total can be phrased in terms of the dependency relation -<; of D. A definition D 
is stratified if for each rule P <— <p, for each symbol Q with a negative occurrence 
in <p, P 7^ Q. This means that the definition of Q docs not depend on P. 

Proposition 3 ([20]). If D is stratified then D is total. 

Observe that a stratified definition formally satisfies the (informal) condition that 
was stated for iterated inductive definitions early in this section. The well-founded 
semi-order underlying an iterated inductive definition is nothing else than the re- 
flexive closure ^ of -<. Atoms Q with a positive occurrence in the body of a rule 
deriving P satisfy Q -< P; those with a negative occurrence satisfy Q < P and 
P Q. Hence, such rules effectively derive P given the presence of less or equiv- 
alent atoms and the absence of strictly less atoms in the defined valuation. The 
well-founded model of such definitions is two-valued and corresponds exactly to 
the structure obtained by the construction described in Section 12.21 for (informal) 
inductive definitions. Thus, the well-founded semantics correctly formalizes the in- 
formal semantics of inductive definitions, and correctly constructs the (informally) 
defined relations without knowing the underlying (semi-)order of the definition. 

Although the class of stratified definitions is large and comprises almost all 
"practical" PC (ID) definitions that we encountered in applications, there are intu- 
itively sensible definitions which are total but not stratified. 



{P^-P} 



or 




Example 3. A software system consists of two servers SI and .52 that provide 
identical services. One server acts as master and the other as slave, and these roles 
are assigned on the basis of clear (but irrelevant) criterion that can be expressed 
in the form of a set of defining rules for the predicate M aster (s). Clients can 
request services x. The master makes a selection among these requests on the basis 
of a clear (but irrelevant) criterion expressed in a definition of Criterion{x). The 
slave fulfills all requests that are not accepted by the master. Here is the core of a 
(predicate) definition: 

Criterion(x) •(—... 
Master(s) «- . . . 

< Slave(s) <- -nMaster(s) > 
Accepts{x, m) 4- Request(x) A Master(m) A Criterion(x) 
Accepts{x, s) <— Request(x) A Slave(s) A 3m(M aster (m) A -> Accept s(x,m)) 

The (propositionalisation of the) definition is not stratified since the last rule creates 
a negative dependency between Accept s(x, SI) and Accept s [x , S '2). Yet, since no 
server can be both master and slave, this recursion is broken "locally" in each 
model. This is a total, albeit unstratified definition of the predicate Accepts that 
correctly implements the informal specification. 

The proof system for PC(ID), as presented below, is sound and complete with 
respect to all PC(ID) theories containing only total definitions, and hence to any 
fragment of PC(ID) that enforces totality of the allowed definitions. 

3 LPC(ID): A Proof system for PC(ID) 

In this section we formulate a proof system, LPC(ID), for the logic PC(ID) in the 
sequent calculus style originally developed by Gentzen in 1935 [3T]. Our system can 
be seen essentially as a propositional part of classical sequent calculus adaptation 
of inference rules for definitions. We give the proof rules of LPC(ID), which are 
the rules of Gentzen's original sequent calculus for propositional logic, augmented 
with rules for introducing defined atoms on the left and right of sequents, a rule 
for inferring the non-totality of definitions and a rule for introducing definitions on 
the right of sequents. 

First, we introduce some basic definitions and notations. Let capital Greek let- 
ters r, A, . . . denote finite (possibly empty) sets of PC(ID)-formulas. r, A denotes 
ruA. r,ip denotes r U {</?}. By f\T, respectively V-^> we denote the conjunction, 
respectively disjunction of all formulas in r. By -iP, we denote the set obtained 
by taking the negation of each formula in r. By r \ A, we denote the set obtained 
by deleting from r all occurrences of formulas that occur in A. r is said to be 
consistent if there is no formula ip such that both tp and —up can be derived from 

r. 

A sequent is an expression of the form r — > A. r and A are respectively called 
the antecedent and succedent of the sequent and each formula in F and A is called a 
sequent formula. In general, a formula p occurring as part of a sequent denotes the 
set {p}- We will denote sequents by S, Si, A sequent r — > A is valid, denoted 



by |= r — > A, if every model of /\T satisfies \J A. A counter-model for r — > A is an 
interpretation / such that I \= /\T but I Y=\J A. The sequent _T — > is equivalent 
to r — > _L and — > Z\ is equivalent to T -> Z\, where J_, T are logical constants 
denoting false and in/e, respectively. 

An inference rule is an expression of the form 

S~] . . . . • Sri 

n > 

where Si,...,S n and are sequents. Each Sj is called a premise of the inference 
rule, S is called the consequence. Intuitively, an inference rule means that 5* can be 
inferred, given that all S\ , . . . , S n are already inferred. 

The initial sequents, or axioms of LPC(ID) are all sequents of the form 

r,A^, A,A or _L -> A or r ->■ T 

where A is any PC(ID)-formula, r and Z\ are arbitrary sets of PC(ID)-formulas. 

The inference rules for LPC(ID) consist of structural rules, logical rules and 
definition rules. The structural and logical rules, which follow directly the prepo- 
sitional inference rules in Gentzen's original sequent calculus for first-order logic 
LK, deal with the prepositional part of PC(ID) and are given as follows, in which 
A,B are any PC(ID)-formulas and r, A are arbitrary sets of PC(ID)-formulas. 



Structural rules 

— Weakening rules 



, , r^A . , r^A 

left: -; right: 



A,r a ° ' r -> a, a 

Contraction rules 

A,A,T^A . r^A,A,A 
l cit: — T~ ! right: — — — . 

Cut rule 

r ^ A ' 



Logical rules 

— -i rules 



left: — -; right: 



iA,T^A' ° r -> A,^A 
— A rules 

Mt: AAB,r^A > nght: r->A^AB ■ 



— V rules 



Our deductive system LPC(ID) is then obtained from the prepositional part 
of LK by adding inference rules for definitions. The definition rules of LPC(ID) 
consist of the right definition rule, the left definition rule, the non-total definition 
rule and the definition introduction rule. Without loss of generality, in what follows 
we assume that there is only one rule with head P in a definition D for every 
P6Tq. We refer to this rule as the rule for P in D and denote it by P <p P . 



Right definition rule for P. The right definition rule introduces defined atoms 
in the succedents of sequents. It allows inferring the truth of a defined atom from 
a definition D and is therefore closely related to the derivation rule Q] for extending 
a well-founded induction. Let I? be a definition and P a defined atom of D. The 
right definition rule for P is given as follows. 

r -> A, (fi P 



D,T^ A,P 



where r and A are arbitrary sets of PC(ID)-formulas. 
We illustrate this inference rule with an example. 



Example 4. Consider the definition 

D = 



P<-PA-iQ 
Q^-P 

The instance of the right definition rule for P is 

r -> A,P A -.Q 

d,t^a,p ' 

and the instance of the right definition rule for Q is 

r -> A,^P 
D,T^A,Q' 



Left definition rule for Pi £ U. The left definition rule introduces defined 
atoms in the antecedents of sequents. It allows inferring the falsity of a defined 
atom from a definition D and is therefore closely related to the second derivation 
rule [2] for extending a well-founded induction. 

We first introduce some notations. Given a set U of atoms, let be a set 
consisting of one new atom P^ for every P g U. The vocabulary r augmented with 
these symbols is denoted by t > . Given a PC-formula ip, (p > denotes the formula 
obtained by replacing all positive occurrences of an atom P G U in ip by P > . We 
call tfP the renaming of <p with respect to U. For a set of PC-formulas F, F^ denotes 
{(p^ I p G F}. For arbitrary PC-formula ip, by -up" , we mean -'(ip"). 

Let D be a definition over r and U a non-empty set of atoms such that UCt^. 
Denote by -<U > the set {-.P > |P e [/}. Let P and A be sets of PC(ID)-formulas 
over r. The left definition rule for every Pi £ U is given as follows, where U = 
{Pi,...,P„}. 



^u»,r^A,^ Pi] ...^u»,r^A,^» Pn 



Pi,D,r^A 



Actually, in the left definition rule, the set of atoms U is a candidate unfounded 
set of D. 

We illustrate this inference rule with an example. 



Example 5. Given a definition D 



P ^ P A 



— U — {P}, the instance of the left definition rule for P G U is 

-nP > ,r ->■ A, -■(P [> A -iQ) 

p,d,t^a 

— U = {Q}, the instance of the left definition rule for Q G U is 

Q,D,T^A 

— U = {P, Q}, the instance of the left definition rule for P G U is 

-■p > , -.Q*, r -> a ^{p» a -.q); -.q>, r -» A -.Q> 
p, £>, r ->• a 

— U = {P, Q}, the instance of the left definition rule for Q G U is 

-nP > , -■Q > , r -» a ^(p* a -.q); np>, ^q>, r -» A ^ 

Q,D,T^A 



Non-total definition rule for D. The non-total definition rule allows infer- 
ring the non-totality of a definition D. We introduce some notations. Let D be 
a definition over t and V a non-empty set of atoms such that V C 7-5. Denote 
by r° the vocabulary r U U 7 s , where both and arc sets of new and 
different renamings P > and P° of all symbols P of V. Denote by (p° the formula 
obtained by replacing each positive occurrence of each P G V in (p by P^ and 
each negative occurrence of each P G V in 93 by P°. Denote by D the definition 
{P 1 * <— (^p I P G V and P ipp G P} over the new vocabulary r°. Let P and 
A be sets of PC(ID)-formulas over r. Then the non-total definition rule for D is 
given as follows. 

v°, d°, r ->• a A ^ r->AA^ 

p,p -> z\ 



We illustrate this inference rule with an example. 



P <- P A -.< 

Example 6. Given a definition D = ^ Q <— ->Q A R ^ , V = {Q, R} and r and A 

R^^R 

empty sets. Then the instance of the non-total definition for D is 
Q*, L>° ->• A -.iP; -Q°, L>° ->■ A 



where Z3° 



«- -.Q A R* 
R" <- 



For the intuition behind the non-total definition rule, we point the readers to 
[13] and Section where the cause of the non-totality of a definition is explained. 

We do not have an inference rule to prove totality of all definitions in the context 
of a certain set r of PC(ID)-formulas. Such an inference rule would involve proving 
that each model of r can be extended to a model of the definition. In fact, we cannot 
even formulate this condition as a sequent. 

Definition introduction rule for D. The three definitional inference rules in- 
troduced so far, introduce a definition in the antecedent of the consequence. Hence, 
none of these rules can be used to infer that under certain conditions a definition 
holds. The definition introduction rule allows inferring the truth of a total definition 
from PC(ID)-formulas. 

We introduce some notations. Let D be a total definition. Denote by P' a new 
defined atom for each Peij. Denote by r' the vocabulary r U {P 1 \ P G t^}. 
Denote by D 1 the definition over the new vocabulary r' obtained by replacing each 
occurrence of each defined symbol P in D by P' . Let r and A be sets of PC(ID)- 
formulas over the old vocabulary t. The definition introduction rule for D is given 
as follows, where Pi, . . . , P n are all defined atoms of D. 

D',r ->■ A,P{=P i; ...; D 1 , A,P' n = P n 

r -> a,d 

We illustrate this inference rule with an example. 

Example 7. Given a definition D = ^ q q y\ p j> ^ = {^i ^ ^Q} an d A an 
empty set. Then the instance of the definition introduction rule for D is 
D',0,P,^Q -> P' = P; D',0,P,^Q ->• Q' = Q 



0,P,^Q^D 



where D' 



P' <-0 
Q'^Q'A P' 



The inference rule proposed here has a definition in the succedent of its premise 
and hence, allows to infer the truth of a definition. Unfortunately, this rule is only 
sound given that the inferred definition is total. We will give an example to show 
that the definition introduction rule is not sound given that the inferred definition 
is non-total right after proving the soundness of this inference rule. 



Proofs of PC(ID). We now come to the notion of an LP C (ID) -proof for a 
sequent. 



Definition 4. An LPC (ID) -proof for a sequent S, is a tree T of sequents with 
root S . Moreover, each leaf of T must be an axiom and for each interior node S' 
there exists an instance of an inference rule such that S' is the consequence of that 
instance while the children of S' are precisely the premises of that instance. T is 
often called a proof tree for S. A sequent S is called provable in LPC (ID), or 
LPC (ID) -provable, if there is an LPC (ID) -proof for it. 



Example 8. Given a definition D 
proof for O, D -> P A -.Q. 



P 

Q 



o 

Q A P 



the following is an LPC(ID)- 



^Q > ,Q > ,P- 

nQ>,Q»AP 



iQ" AP) 



left -, 

- left weakening 

- left A 
right -i 



Q,D 



right definition rule ■ 



O^O 
O.D^P 



D 



0,D^ PA^Q 



left definition rule 
right -i 

- left weakening 

- right A 



4 Main results 



In this section, we will prove that the deductive system LPC (ID) is sound and 
complete for a slightly restricted fragment of PC (ID), which can be viewed as main 
theoretical results of this paper. 



4.1 Soundness 

To prove the soundness of LPC(ID), it is sufficient to prove that all axioms of 
LPC(ID) are valid and that every inference rule of LPC(ID) is sound, i.e. if all 
premises of an inference rule are valid then the consequence of that rule is valid. It 
is trivial to verify that the axioms are valid and that the structural and logical rules 
are sound (see e.g. |36l37j ). Hence, only the soundness of the right definition rule, 
the left definition rule, the non-total definition rule and the definition introduction 
rule must be proved. 

Lemma 1. Let I be a model of D and P a defined atom of D. Then I \= P if and 
only if I \= ip P . 

Proof. Because / is a model of D, there exists a terminal well-founded induction 
(/")n<£ for D with the limit = /. 

(if part) Assume that / |= (pp. The sequence {I n ) n <£ is strictly increasing in 
precision, hence there is no n < £ such that ipp — f. As such, for every n < £, 
P 1 f. Therefore, P 1 ^ f and because / is two-valued, we can conclude P 1 = t. 



(only if part) Assume that I \= P. Thus, for some n < £, P 7 " = u and P 7 " = 
t. Hence, p p = t. Because the sequence (J n )„<j is strictly increasing in precision, 
we have p P — t. 

Lemma 2 (Soundness of the right definition rule). Let D be a definition and 
P a defined atom of D. If \= T -> A,ip P , then \= D,T ->■ A, P. 

Proof. Assume |= r — > A, tpp but ^= P, r — > A, P. Then there exists a counter- 
model I for D, r — > A, P which satisfies D, f\T,^\J A and ->P. It follows from the 
first assumption that 1 1= ipp, and hence, by Lemma [I] I j= P, a contradiction. 

Lemma 3 (Soundness of the left definition rule). Let D be a definition and U 
be a non-empty subset ofrf). If for every P G U, it holds that \= -iLP , r — > A, ~^<p*p, 
then for all P e U , it holds that |= P,D,T -> A. 

Proof. Assume |= P -> A-'Vp for every P G P, but ^ P D, P ->• Z\ for 
some P £ U. Then there exists a model I of D, /\ P and -i V Z\ satisfying at least 
one P G J7. Furthermore, by Lemma HJ it holds that / |= ipp. We select this P 
in the following way. Let (I n ) n <£ be a terminal well-founded induction for D with 
limit J* = I. Let n be the smallest n < ^ such that for some Q € U, Q 1 = u and 
Q 7 = t. By selection of n, there is a unique P G U such that P 7 = u, 7™ \= fp 
and P 7 = t. Consider this P and <^p. 

On the one hand, it holds that I |= (pp. On the other hand, consider the 
interpretation P = I[U > /{]. It is clear that P satisfies -.LP, A ^ and -. V A. Hence, 
by the first assumption, it holds that P |= ^p> P . We will derive a contradiction 
from this. 

Observe that by our choice of n, for each Q eU, Q 1 = f or Q 1 = u. Denote 
by I n> the interpretation that assigns Q 1 to Q 1 * f° r every Q £ U and corresponds 
to P on all other atoms. There are two simple observations that can be made 
about I nt> : 

- I n> < p P: indeed, I n < p I and for each Q" G U > , Q^ 1 " = f > p Q >/ " > = Q r = 
f or u. 

— (</?p) 7 = <^p = t: obvious from the construction of I n!> and (p P . 

Combining these results, we obtain t = (tpp) 7 > < p (</5p) / ' > = f • This is the desired 
contradiction. 

Having the soundness of the left definition rule, we can explain the introduction 
of renaming formulas in the left definition rule. Consider the left definition rule of 
the following form: 

-nPi, ■ ■ ■ , ^P„, P -> A, ; . . . ; -J\, . . . , ^P n , P -> A, ^p Pn 

Pi,D,r^A 1 ' 

where {Pi, . . . , P„} C rg and P; is an arbitrary defined atom in {Pi, . . . , P„}. 

Intuitively, the above form of the left definition rule is exactly related to the 
second derivation rule [2] of the well-founded induction and it is easier to be un- 
derstood. However, such an inference rule is not sound. For an arbitrary definition 
D and any defined atom P of D, D — > -^P can be inferred applying this rule. We 
illustrate this with the next example. 



Example 9. Consider the following definition: 



D = {P <- T} . 

Let r = {P} and A be an empty set. Since -P, P — > -fT, we can prove P — » -P by 
using the inference rule (J]), the right -i rule and the right contraction rule. However, 
for the same definition D and empty sets r and A, it is obvious that D — > P can 
be inferred by using the right definition rule, which derives a contradiction. Hence, 
the inference rule ([T]) is not sound. 

From the viewpoint of semantics, since the left definition rule corresponds to 
the second derivation rule [2] of the well-founded induction, we have to adopt the 
approach of renaming to represent that the defined atoms of U are unknown in I n 
and false in I n+1 . 

Lemma 4. Let D be a definition, I a model of D and U a non-empty subset of 
rfy. If for every P G U, it holds that (p p [U/f] = f, then P 1 = f for all P eU. 

Proof. Assume that there exists a non-empty set T satisfying that (a) TCP, 
(b) P 1 = t for each P 6 T, and (c) P 1 = f for each P £ U \ T. Let (I n )„<£ be a 
terminal well-founded induction for D with the limit P- = I. Let n be the smallest 
n < £ such that for some Q £ T, Q 1 — u and = t. By selection of n, there 

is a unique P 6 T such that P 7 = u, Lp P = t and P 1 = t. Consider this P 
and (pp. 

Observe that by our choice of n, for each Q e T, Q /n = u. Hence, for each 
Q e T, Q J " < p Q'^/fl = f . Because P l < p I, for each Q6^\T,we have that 
Qi[U/t] _ qi > p qi" Combining these results, it is concluded that 7" < p I[U/f]. 

Therefore, we obtain that t = ip 1 ^ < p (pp U ^ f ^ — f , a contradiction. Hence, there is 
no P eU such that P 7 = t, which follows directly that P 1 = f for all P E U. 

Lemma 5 (Soundness of the non-total definition rule). If \= V"°,P°,P — > 
A, A -^V" and \= -iV*, P/\ P A A V > , then \= D,T ->• A. 

Proof. Assume towards contradiction that 

^r.^r-yA^n^and |= -V*, £>*, P -> A, f\ V > but ^D,r->A 

(2) 

Then there exists a r-interpretation / satisfying D, /\P and Z\. Consider the 
vocabulary r° = r U U 7°. I can be expanded into two ^-interpretations lyo 
and Pyo as follows: 

J v . = (I[F7t]) D ° and Pyo = {I[vy{}) D \ 

Since D° is a positive definition, hence total definition with open symbols t \JV°, 
both interpretations are well-defined. Moreover they obviously satisfy: 



Ivo h AD ° A A rA ^V A and I^v* \= h^V* AD« A f\P /\^\/ A. 



By (J2J, it follows that 



I v<> |= /\ -,V* and I-.V* |= /\ V*. (3) 

Let (J n ) n <j be a terminal well-founded induction for Z? with limit l' = 7. There 
exists a least ordinal n such that P 1 = u for every P £ V and there exists at least 
one P £ V with P 1 ^ u. We distinguish between the case where P is t in I n+1 
and the case where P £ U for some non-empty set U C such that all atoms of 
{J are f in I n+1 . We will prove in the first case that Iyo \= P > and in the second 
case that Pyo \= -,P> for every P > £V > f) U t> . This contradicts ©. 

— Assume that P 7 " = u and p 7 " +1 = t. Then for the rule P tp p £ D, it holds 
that ipp = t. Consider the corresponding rule P t> ■h- ip p £ D°. If we can show 
that Iyo \= tp'p, then Lemma Q] will yield that Iyo |= P & which is what we must 
prove here. 

Consider the T°-interpretation I n<> which extends I n by interpreting each sym- 
bol and Q° as Q 1 , i.e., as u. Clearly (tpp) 1 = <p P = t, and it suffices 
to show that I n<> < p Iyo to obtain that Iyo \= cp p . But this is straightforward 
since I n °\ T = I n < p I = I V *\t and {Q") 1 ^ = {Q*) 1 ^ = u for each Q £ V. 
Hence, it is indeed the case that 1"° < p Iyo which leads to the contradiction. 

— For the other case, assume that J" +1 = I n [U/i] where P £ U. For each P £ 
U n 0) and its rule P <- <p P £ D, it holds that ipp" = f . We will use this 
to show that for each rule P* ^ ip P £ D° with P* £ n V > , ip p is false in the 
interpretation Pyo [U > D V > /{}. Then, since I^yo satisfies D° , we can apply 
Lemma S] to obtain that each P > £ D V > is false in I-,yo. This produces the 
contradiction with ([3]). 

The key point is therefore to show that all these renamed rule bodies ip P are 
false in the interpretation I^yo[U' > D V > /f]. To prove this, we use the same 
technique as in the previous case, namely we construct an interpretation which 
is less precise than I^yo[U > fl V > /f] and which falsifies all the concerned rule 
bodies. We choose this interpretation as the ^-interpretation P which extends 
jn+i ky interpreting each symbol and Q° as Q 1 , i.e. as f if Q £ U D V 
and as u if Q £ V \ U. Notice that for all formulas ip over r, it holds that 

= (v^) /0 . 

Let us verify that P < p I^ V <,[U> n V*/f]. We have 1% = I n+1 < p I = 
I^vo[U > fl V > /f] | T . The interpretation P interprets all symbols Q° as u or 
f whereas I^y°\U > R V s> /i] interprets them as f, just like J-,yo. Symbols of 
n are interpreted as f in both interpretations, and finally, the remaining 
symbols of V > \ U t> are interpreted as u in P which is certainly less precise 
than in the other interpretation. 

It follows that for every rule P > «- (p p £ D° with P £ V n U ', f = <p P +1 = 
WpY" < P (i P p)Pvo[u > nv c '/f] = f As ex pi a i ne d before, this leads to the desired 
contradiction. 

Lemma 6 (Soundness of the definition introduction rule). Let D be a total 
definition. If |= D',T -> A, P' = P for every P £rf )! then |= T -> A,D. 



Proof. Assume |= D',T -> A,P' = P for every P € t% but ^ P Z\,L>. Then 
there exists a two-valued T-interpretation / such that I \= f\P but / ^= \/ Z\, 
I y= D. Denote by J the two- valued well-founded model of D extending I\ T ^- 
Because I ^ D, there exists a defined atom Q of D such that Q 1 ^ Q J . Since D is 
a total definition and D' is obtained by replacing each occurrence of each defined 
atom P in D by P', D' is a total definition. Thus, there exists a two- valued r'- 
interpretation /' such that V is the well-founded model of D' extending I. Notice 
that for every P <E t^, P 1 = P 1 . Because neither r nor A contains an occurrence 
of an atom P', it holds that V \= f\P and V ^ \J A. Therefore, by the first 
assumption, it is obtained that I' \= P' = P for every P£Tp. Also, because D' is 
obtained by renaming all defined atoms and none of the open atoms, it holds that 
pj = (pty' for every p g T d _ Hencej qi = qi' = (Qiy' = qJ^ a contradiction. 

Therefore, |= r -> Zi, £>. 

The definition introduction rule is not sound if the inferred definition D is not 
total. We illustrate it with an example. 

Example 10. Consider the definition as follows: 

D= {P^^P} . 

Let r and A be empty sets. It is obvious that D' = { P' -*P' } is not total. 
Thus, |= D' — >• P' = P but ^=^>- D, which shows that the definition introduction 
rule is not sound when the inferred definition D is non-total. 

Notice that all inference rules in LPC(ID) except the definition introduction 
rule are sound with respect to both total and non-total definitions. By induction 
on the number of inference rules in a proof of a sequent, we can easily prove the 
soundness of LPC(ID). 

Theorem 1 (Soundness). If a sequent r — > A is provable in LPC(ID) without 
using the definition introduction rule, then \= r — > A. If a sequent r — > A is 
provable in LPC(ID) and all definitions occurring in r and A are total, then 

^r^A. 

4.2 Completeness 

LPC(ID) is not complete in general. Intuitively, this is because the only inference 
rules that allow to introduce a positive occurrence of a definition in the succedent 
of a sequent are the axioms, the weakening rules and the definition introduction 
rule. As shown in the above subsection, the definition introduction rule is not 
sound with respect to non-total definitions. Thus, no other inference rule allows 
to derive a non-total definition from some propositional formulas. Therefore, one 
cannot synthesize non-total definitions with LPC(ID), i.e., not all valid sequents 
of the form r — > D, where D is a non-total definition, can be proved in this system. 

We will however prove the completeness for a restricted class of sequents, 
namely the sequents _T — > A such that every definition occurring negatively in 
r or positively in A must be total. The main difficulty in the completeness proof 



for LPC(ID) is to handle the definitions in the sequents (We already know that 
the propositional part of LPC(ID) is complete. See e.g. [36137] ) . 

First, we focus on the completeness of sequents of the form D,T — > A, where 
P and A are sets of PC-formulas and D is a definition. Notice that the definition 
D appearing in the sequent may be non-total. 

Lemma 7. Let D be a definition and P a set of open literals of D such that for 
every Q £ r£, either Q £ P or ->Q € P. Let Iq be the unique two-valued r£,- 
interpretation such that Io \= f\T and L the well-founded model of D extending 
Io- If L is a defined literal of D such that L 1 = t, then D,T — » L is provable in 
LPC(ID). 

Proof. Let (/")„<£ be a terminal well-founded induction for D extending Io with 
the limit 1^ = I. Denote by A n a set of all defined literals L such that L 1 = t 
in arbitrary order. We prove that A n ,D,r — > L is provable in LPC(ID) for all 
L £ A n+1 \ A 71 . For each L £ A n+1 \ A n , L 1 " = u and L /n+1 = t. We distinguish 
between the case where A n+1 \ A n contains one positive literal and the case where 
it contains a set of negative literals. 

— Assume that A n+1 \ A n consists of one defined atom P. For every two- valued 
r-interpretation J such that J is a model of /\ r and /\ A n , I n < p J. Indeed, 
L /n = L J = t for every L £ T, L 1 " = L J = t for every L £ A n and for 
every other atom Q £ r, Q 1 = u < p Q J . P 1 = t, hence tpp = t. It 
follows that ipj, = t. Thus, |= A n ,r — > tpp. Therefore, by the completeness 
of the propositional part of LPC(ID), the sequent A n ,T — > ipp is provable 
in LPC(ID). Hence, by the right definition rule, A n , D, r P is provable in 
LPC(ID). 

— For the other case, assume that A n+1 \ A™ is a set of negative literals. Denote 
the set {P | -nP £ A n+1 \A n } by U. Recall that I n+1 = I n [U/f]. P r+1 = f for 
each P £ U, hence ipp" +1 = f. Consider the interpretation J n + 1> = I n \U > /{]. 
There are two simple observations that can be made about I n+1> and each tp p : 

• I n + l < p J' for every two-valued r U [/"-interpretation J' such that J' 

satisfies f\A n and A ~^U > : indeed, L r+1> = L 3 ' = t for every L £ P , 
Ll n+i> = l j> = t for eyery L g ^ pt >y" +1> = p>J' = f for every 

P* £ U > and <3 /n+1> = u < p Q r for every other atom Q £rUU t> . 

• (^p) r+1 = f I p +1 = f ; obvious from the construction of and ip p . 
Combining these results, we obtain (ip P ) J = f for every two- valued interpreta- 
tion J' satisfying f\T, f\A n and A ^ . It follows that \= -^U*, A n , r — > -mp p 
for every P £ U. By the completeness of the propositional part of LPC(ID), 
the left definition rule and the right -i rule the sequent A n ,D,T — > ->P is 
provable in LPC(ID) for every P £ U. 

Since (I n ) n <^ is a terminal well-founded induction for D with the limit / = it 
is obvious that the set of defined literals L for which L 1 = t is exactly the set of all 
defined literals in A^. Thus, by using the cut rule, it is easy to show by induction 
on n that if L is a defined literal of D such that L 1 — t, the sequent D, P — > L is 
provable in LPC(ID). 



Notice that in the above lemma, we do not require the totality of the definition. 
So the definition D can be non-total and the well-founded model of D may be a 
three- valued interpretation. 

Lemma 8. Let D be a total definition and let r be a set of open literals of D, such 
that for every atom Q £ rjj either Q £ T or ->Q £ r. Let L be a defined literal of 
D.If^D. T^ L, then D,T -> L is provable m LPC(ID). 

Proof. Assume that \= D, T —> L. Let Io be the unique two- valued r^-interpretation 
such that Jo (= /\ r. Because D is total, Jo can be extended to a two-valued well- 
founded model I of D such that I \= f\T and I \= D. Then since |= D, P — > L, it 
holds that J J = t. Thus, by LemmaH L>, r ->• L is provable in LPC(ID). 

Lemma 9. Lei D be a total definition and r an arbitrary consistent set of literals. 
If L is a defined literal of D such that \= D, r — > L, then D,T —> L is provable in 
LPC(ID). 

Proof. Let J" be an arbitrary extension of r such that for every open atom Q of 
D, either Q £ J" or -iQ £ J". First, we want to show that £), J" — > J is provable 
in LPC(ID). It holds that \= D,T' -> L because |= D,T -»■ X. Consider the 
set X" of all open literals of J) in X'. If |= D,r" — > L, then by the previous 
lemma, D,r" —> L is provable in LPC(ID), and by the left weakening rule, so is 
D,r' ->■ L. If Y= D,T" -t L, then by totality of D, \= D,T" ->• ->L and hence, 
|= L>, f — s> This means that D A is unsatisfiable, which implies that 

for some defined literal L' in J 1 ', |= D,r" — > ->L'. By the previous lemma and 
the left weakening rule, _D,_T' — > is provable in LPC(ID). It is obvious that 
D, r' V is an axiom because L' is a literal in r'. Then we can use the left -i 
rule, the cut rule and the right weakening rule to show that D,T' — > L is provable 
in LPC(ID). 

Given that the sequents D,T' —> L are provable in LPC(ID) for all extensions 
r 1 of r, by using the right -i rule and the cut rule on all D, J 1 ' — > L, an LPC(ID)- 
proof for D,r — >• L can be constructed. 

Lemma 10. Let D be a definition and r a set of open literals of D, such that for 
every atom Q £ Tjj either Q £ r or -<Q £ P. If \= D, r — >• _L, then D, r — ¥ _L is 
provable in LPC(ID). 

Proof. Let Io be the unique two- valued r£,-interpretation such that Io \= A F and 
(J")n<{ a terminal well-founded induction for D extending Jo with limit 1^ = I. 
Because |= D, r — > _L, there is no two-valued well-founded model for D extending 
Jo- Hence J is a three- valued r-interpretation. Denote by E the set of all defined 
atoms of D which are not unknown in J and V the set r^, \ E. For each P £ E, we 
define a literal Jp as follows: 



Denote by K the set {Lp \ P £ E} of literals. We first want to show that 



L P 



{ 



P if P 1 
-^P if P 1 



= t 
= f ' 



h J?°,^°,JC,r^ /\->V* and ^ D\^V\K,T ^ ^V^. (4) 



Consider the vocabulary r° = r U V <> U V°. I can be expanded into two r°- 
interpretations Iy> and I^v° & s follows: 

I v « = (I[V* /t]) D " and R v * = (I[Vyi}) D \ 

Since 7)° is a positive definition, hence total definition with open symbols tUF, 
both interpretations arc well-defined. Moreover it is obvious that 7y» , respectively 
I^v° , is the only interpretation satisfying: 

I V o h D* A /\V* A /\K A /\r, respectively \= D* A /\ A /\ K A f\ R 

In order to prove (U]), it suffices to show that 

ivo nA" f> and Uv ° ^A F> - ( 5 ) 

— We want to prove that lyo \= f\ -<V > . For any P £ V with its rule P ^— <ySp G 
D, P* <r- ifp is the corresponding rule for in D°. If we can show that 
Iy^/f] \= ~"Pp for each P > £ V > with its rule P* <- then since Iy 
satisfies 7)°, we can apply Lemma 0] to obtain that each P^ £ V > is false in 
7y» , which is what we must prove here. 

Consider the ^-interpretation 7° which extends 7 by interpreting each symbol 
Q & and Q° as Q 1 for each Q £ V, i.e., as u. Clearly, for every P £ V with 
its rule P tp P £ D, (<^ P ) /0 = y>p = u, and since (ip P Y v<> [v> /f] u, it is 
sufficient to show that {ip P Y v ° [v> /i] < {VpY* to obtain that I V o [V/i] \= ^<p P 
for every P^ £ with its rule P > ^— ip P £ 7)°. This can be verified by the 
following observations. 

• i v .\y>/f\\ r = r>\ r . 

• For every Q £ V, every occurrence of Q t> in ip P is positive and (Q > Y V<> ^ v = 

f < (q*) /0 = u. 

• For every Q £ V , every occurrence of Q° in ip p is negative and (Q°Y V<> ^ v = 
t > (Q°) /0 = u 

Hence, it is indeed the case that (<p P ) Iv °^ v < (f'pY , as desired. 

— We want to prove that 7-,yo |= /\ V > . Assume toward contradiction that there 
exists a non-empty set C such that I^v° HA -, -f 1> an(1 f° r the se t 
T> = y> \ i?t> ? /^ yo |= /\T>. Consider the r-interpretation 7 1 = 7[F/f]. If 

we can show that <pp = f for every P £ F with its rule P ipp £ D, then 
since for each P £ F and its rule P <— ipp £ D, P 1 = u and ip P — f , 7 can 
be extended to 7 1 in the well-founded induction (7™) n <£ for 7?. This produces 
the contradiction to that 7 is the limit of (7") n <f. To prove that (pp = f for 
every P £ F with the rule P ipp £ D, we first choose a r°-interpretation 7° 
which extends 7 1 by interpreting each symbol Q > and as Q 1 , i.e., as f if 
Q £ F and as u if Q £ T. Notice that for all formulas if> over r, it holds that 
ip 1 ' = ("0°) /O - Thus, it is sufficient to show that {ip P Y° = f for every P > £ F > 
with the rule P > <— cp P £ D° . Since R V o \= for each P > £ F > and R v * 
is a model of 7>°, by Lemma[IJ we have that (<p P ) I ^ v ° — f for every P^ £ F > 
with the rule P > <— ip p £ D°. If we can have that ((p P Y° < (ip P Y^ v<> = f , it 
holds that (f^) 1 = f , which is exactly what we need. 
We can verify that {<p P Y < {fpY^ v<> by the following facts. 



• I^ V .\ T = 1%. 

• Every occurrence of in ipp is positive and (Q t> ) I ^ v< ' = (Q t> ) 1 = f for 
each e while (Q > ) / ° = u < (Q*) 1 ^* = t for each Q 1 " e ^ \ F*. 

• Every occurrence of Q° in <p p is negative and (Q ) 1 ^ — = f for 
each Q° e F° while (Q°) r = u > (Q )^^ = f for each Q° e F° \ F°. 

Hence, it is the case that (tp^) 1 < (v 3 p) / " v ° = f j as desired. 

Therefore, it is obtained that |= L>°, if, P -> A ^ and H £>°, K , r ~> 
/\ V*. D° is a total definition, hence by using Lemma [3] and the right A rule, both 
V ,L> ,^,^ ->• A -1 ^ and ^V^.D^.K^ f\V > are provable in LPC(ID). 
It follows from the non-total definition rule that K,D,T — > _L is provable in 
LPC(ID). Since I is a well-founded model of D extending Io and L 1 = t for 
each L € K, using Lemma [3 it holds that for each L E K , D,T — > L is provable 
in LPC(ID). Consequently, by the multiple use of the cut rule on K, D,T — > _L 
and D,T -> L for each L e K , D, T -> L is provable in LPC(ID). 

Lemma 11. Let D be a definition and r a set of open literals of D such that for 
every atom Q £ rfy, either Q e T or ->Q 6 r. Let L be a defined literal of D. If 
\= D,T -> L, then D,T -> L is provable in LPC(ID) . 

Proof. Assume |= D, r — > L. Let Lo be the unique two-valued r^-interpretation 
such that Io \=/\r.lf\£D,r^J-, then Io can be extended to the two- valued 
well-founded model I of D such that I \= f\T and I |= D. Since |= D,T — > L, 
it holds that I \= L. Thus, by Lemma D, r -> L is provable in LPC(ID). If 
|= D,r ->• _L, then by Lemma fTOl £>, P — > _L is provable in LPC(ID). Hence, by 
the right weakening rule, D, r — >• L is provable in LPC(ID). 

Lemma 12. Let D be a definition and r an arbitrary consistent set of literals. If 
\= D,T -> _L, i/iera £),T -> _L is provable m LPC(ID). 

To prove this, we use the same technique as in the proof of Lemma [9j We omit the 
details of the proof here. 

Lemma 13. Let D be a definition, r an arbitrary consistent set of literals and L 
a defined literal of D. If \= D,T —t L, then D,T —¥ L is provable in LPC(ID). 

Proof. If r U {—iL} is an inconsistent set of literals, we have that D, r — > L is 
an axiom and thus, D, r — > L is provable in LPC(ID). If L U {~>L} is consistent, 
because \= D,T, ~^L — > _L, by the previous lemma, it is obtained that D, r, -^L — > _L 
is provable in LPC(ID). Then by the -> rules and the cut rule, we can conclude 
that D, r -> L is provable in LPC(ID). 

The remainder of the completeness proof for the class of sequents, namely the 
sequents r,D^A where r and A are sets of PC-formulas and D is a definition, 
will use a standard technique: we construct the so called reduction tree for a sequent 
r — > A. We follow the approach from [37]. First, we introduce some terminology. 

Definition 5. A reduction tree for a sequent S = r — > A is a tree Tg of sequents. 
The root 0/T5 is S. Moreover, Tg is constructed by applying one of the following 
reductions on each non-leaf LI — > S. 



- (left -i reduction) II contains a sequent formula -iA, then write down II \ 
{-*A} — > S, A as the unique child of II — > S. 

- (right -i reduction) £ contains a sequent formula ->A, then write down A, II — > 
£ \ {^A} as i/ie unique child of II ^ S. 

- (left A reduction) II contains a sequent formula AAB, then write down A, B, II\ 
{A A 73} — ► £ as the unique child of II — > Z\ 

- (rigTii A reduction) £ contains a sequent formula AAB, then write down II — > 
E\{AAB},A and II -> £\{iA 73}, S as iwo children ofll^rE. 

- (left V reduction) 77 contains a sequent formula Ay B, then write down A,II\ 
{A V B} -> £ and 75, 77 \ {A V 73} -> £ as too children ofn^S. 

- (right V reduction) S contains a sequent formula A\/ B, then write down 77 — > 
£\{A\/ B}, A, B as the unique child of 77 -> . 

(definition introduction reduction) S contains a sequent formula D, which is a 
total definition with Tjj = {Pi, . . . , P n }, then write down D' , 77 — > £\{D}, P- = 
Pi for each i S [l,n] as n children of 77 — > S . 

In addition, each leaf of T$ is either an axiom, or none of the above reductions is 
possible. 

Observe that the definition introduction reduction corresponds to the definition 
introduction rule while each other reduction respectively corresponds to a logical 
inference rule. Each leaf node of a reduction tree is either an axiom or a sequent 
of the form Di , . . . , D n ,T^A where r and A are sets of atoms with P n A = 
and 7?i, . . . , D n are definitions. 

Definition 6. An inference rule preserves counter-model if for each instance of 
the inference rule, a counter-model for one of the premises of the instance is the 
same as a counter-model for the conclusion of the instance. 

The following property can easily be verified. 

Proposition 4. All the logical inference rules preserve counter-models. 

Lemma 14. The definition introduction rule preserves counter-model. 

Proof. Let D be a total definition. Then D' is a total definition because of its 
construction. Assume that 7 is a counter-model of D' , r — > A, P' = P for some 
P G Tp, but 7 is not a counter-model of r — > A,D. Since D and D' are total, I 
is a two-valued interpretation satisfying D' , A and -*(P' = P). Because 

7 is not a counter-model for r — > A, D, it holds that 7 |= D. Obviously from the 
construction of D' and the fact that 7 satisfies both D and D', we conclude that 
7 |= P' = P for every PerJ, a contradiction. 

Then we obtain the property of reduction trees as follows. 

Proposition 5. For each sequent S = r — > A, (a) there exists a reduction tree 
Ts> (b) if M leaf nodes of a reduction tree Ts are provable in LPC(ID), then the 
root sequent is provable in LPC(ID), and (c) , there exists a leaf node 0/T5 such 
that a counter-model for this leaf node is a counter-model for the root. 



Proof. Clearly, a reduction tree exists because it can be constructed by a non- 
deterministic reduction process. Because each reduction in a reduction tree corre- 
sponds to either the definition introduction rule or a logical inference rule, by using 
the corresponding inference rule, it is easy to prove that if the children of a node 
in a reduction tree are provable in LPC(ID), then the node itself is provable in 
LPC(ID). Therefore, the root sequent is provable in LPC(ID) if all leaf nodes of 
the reduction tree are provable in LPC(ID). 

A counter-model for a leaf is a counter-model for the root because all the log- 
ical inference rules and the definition introduction rule preserve counter-models 
by Proposition U and Lemma Q31 and each non-leaf node can be proved from its 
children using only those inference rules. 

We are now ready to prove the completeness theorem of the sequents of the 
form D, r — >• A, where r and A are sets of PC-formulas and D is a definition. 

Theorem 2 (Completeness for one definition in the antecedent). Let r 

and A be sets of PC-formulas and D a definition. If \= D, T —t A, then D, r — > A 
is provable in LPC(ID). 

Proof. First, a reduction tree is constructed from the root D, r — >• A. Every leaf 
of the reduction tree must be an axiom or a sequent of the form D, II — > S, where 
II and £ are (possibly empty) sets of propositional atoms satisfying that (a) H 
and £ have no atom in common, and (b) when £ is not empty, U or £ contains 



at least one defined atom of D. By (c) of Proposition [H if |= D, r — > A, then 



|= D, II — > £. Hence, if £ is empty, by Lemma IT2| it is obtained that D, II — > £ 
is provable in LPC(ID). If £ is not empty, by Lemma [T3l the rules and the 
weakening rules, D,LT — > £ is provable in LPC(ID). Extending for every leaf 
D,LT — >• £ the branch that ends in that leaf with the prooftree for that leaf, yields 
an LPC(ID)-proof for D, P A 

LPC(ID) remains complete for sequents of the form D\, . . . , D n , r — > A, where 
F and A are sets of PC-formulas and multiple definitions are allowed in the an- 
tecedent. 

Lemma 15. Let D\, . . . , D n be definitions and r an arbitrary consistent set of lit- 
erals. If \= Di, . . . , D ni r — > _L, then D\, . . . , D n , T — > _L is provable in LPC(ID). 

Proof. Let f be an arbitrary extension of r such that for every Di £ {Di, . . . , D n } 
and every open atom Q of Di, either Q 6 f or -*Q e r 1 . First, we want to show that 
Di, . . . , D n , r' -> _L is provable in LPC(ID). It holds that \=D U ..., D n , r' -> ± 
because |= D\, . . . , D n , r — > _L. Consider the set P" of all open literals of all defini- 
tions D n in r'. We distinguish between the case where |= D\, . . . , D n , P" — > 
_!_ and the case where ^= D%, . . . , D n , r" — > _L 

— In the first case where \= D%, . . . , D n , P" — > _L, we distinguish between the sub- 
case where there exists at least one Di G {-Di, . . . , D n } such that |= Di, P" — > _L 
and the subcase where for every Di G {-Di, . . . , D n } it holds that Y= Di,P" — > 
_L. 



• In the first subcase, |= Di,r" — ¥ _L, hence by Lemma [T2I Di,r" — > _L is 
provable in LPC(ID). Then by using the left weakening rule, we conclude 
that £>i, . . . , D n ,T' ->• _L is provable in LPC(ID). 

• In the other subcase, it holds that Di, P" — > _L for every Di € {Di, • ■ • , D n }. 
Thus, for every Di £ {-Di, • • • , D n }, there exists a unique two-valued well- 
founded model Ii of Di such that Jj |= £>i and li |= l\T" . Because 
Di A... A Z?„ A /\ r 1 " is unsatisfiable, for some Ji and Ij such that i ^ j 
and for some defined literal L, it can be implied that Ii\= L and Ij \= -iL. 
Thus, we have that |= D u r" -> L and |= D^T" -> Therefore, by 
Lemma HH it is concluded that both Di , P" — > L and Dj , P" — > -*L are 
provable in LPC(ID). Then we can use the left weakening rule, the left 

-i rule and the cut rule to show that D±, . . . , D n , r' — > _L is provable in 
LPC(ID). 

— In the other case where ^ D\,... ,D n ,P" — > _L, hence there exists a unique 
two- valued interpretation / such that / |= D\ A . . . A D n A /\r". Because ^= 

£>!,...,£>„, r" -> _L, for each Aepi £>„}, it holds that \L D h r" -> 1 

and hence, there exists a unique two-valued well-founded model Ii of Z?i such 
that Ii \= Di and |= /\r". Therefore, for each Di and each defined atom 
P G rg., P /! = P J . Since D± A . . . A D n A is satisfiable but Di A ... A 

-Dn A /\r' is unsatisfiable, it can be implied that for some defined literal L' 
in r', \= Di, . . . , D n , r" — > -ii'. Assume that L' is a defined literal of D^. 
Because L' ' — V — f , we have that |= Di, r" — > ~^L'. By Lemma [T^l and the 
left weakening rule, Di,T' — > -iL' is provable in LPC(ID). It is obvious that 
Di, r' — > L' is an axiom because V is a literal in Then we can use the left 
weakening rule, the left -i rule and the cut rule to show that D\ , . . . , D n , i~" — > ± 
is provable in LPC(ID). 

Given that the sequents D\, , . , , D n , J" — >• _L are provable in LPC(ID) for all ex- 
tensions r' of P, by using the right rule and the cut rule on all Di, . . . , D n , r' — > 
±, we can construct an LPC(ID)-proof for Di, . . . , D n , r — > _L. 

Lemma 16. Let D\, . . . ,D n be definitions and let r and A be sets of atoms. If 
\= Di,.. .,D n ,T -> A. then D u . . . , D„, r -> A is provable in LPC(ID). 

Proof. The proof is trivial if D\, . . . , D n , r — > A is an axiom, hence we assume that 
Di, . . . , D n , r — > A is not an axiom, i.e. r D A = 0. Because r, -*A is a consistent 
set of literals and |= D\, . . . , D n , r, -*A — >• _L, by the previous lemma, we have that 
£>i,..., D n , r, -i A — > _L is provable in LPC(ID). Then by the -i rules and the cut 
rule, we can conclude that D\, . . . , D n , r -> A is provable in LPC(ID). 

The following completeness theorem of the sequents with multiple definitions in 
the antecedent is an immediate consequence of Lemma [TH] and the reduction tree 
for sequents. 

Theorem 3 (Completeness for multiple definitions in the antecedent). 

Let r and A be sets of PC- formulas and D\, . . . , D n definitions. If \= D\, . . . , D„, r — > 
A, then D\, . . . , D n , P — s> A is provable in LPC(ID). 



Then we have the following main completeness theorem. 



Theorem 4 (Completeness). If \= r —> A and all definitions occurring either 
negatively in r or positively in A are total, then r — > A is provable in LPC(ID). 

Proof. Let r — > A be a valid sequent such that any definition which occurs either 
negatively in r or positively in A is total and let T$ be a reduction tree with root 



r — > A. Then by (c) of Proposition [SJ all leaves of T$ are valid. Since all leaves are 
of the form D\,.,., D n , U — > £ where 77 and E are sets of atoms and D\, . . . , D n 
are definitions, it follows from Theorem [3] that they are provable in LPC(ID). 
Hence, by |(b) | of Proposition [SJ r — > A is provable in LPC(ID). 



5 Complexity results 

In this section, we provide some complexity results for PC(ID), which may give 
some helpful insight into the reasoning problems in PC (ID). 

Proposition 6. Satisfiability problem in PC(ID) is NP-complete. 

Proof. (Membership) Propositional well-founded models can be computed in poly- 
nomial time, e.g. using the algorithm of Van Gelder in 20 . It is easy to define an 
algorithm that uses this well-founded semantics algorithm and finds models that 
satisfy PC(ID) theories in polynomial time on a non-deterministic turing machine. 

(Hardness) Any satisfiability problem for propositional logic is trivially also a 
satisfiability problem for PC(ID). 

Recall Definition [3J of totality of a definition D with respect to a theory T: 
for each I \= f\T, the well-founded model of D extending J| T ° must be two- 
valued. Deciding totality is an interesting problem, not least because we cannot even 
formulate an inference rule to prove totality of a propositional inductive definition 
in the context of a certain set of PC(ID)-formulas. 

Proposition 7. Deciding whether a given propositional inductive definition is total 
with respect to a given propositional theory is co-NP-complete problem. 

Proof. (Membership) Let D be a propositional inductive definition, T a proposi- 
tional theory. Any interpretation I such that I \= /\T and the well-founded model 
of D extending I\ T o is not two- valued, is a certificate for the non-totality of D with 
respect to T. Both checking whether I \= f\T and whether the well-founded model 
of D extending I\ T ^ is two-valued can be done in polynomial time. 

(Hardness) Consider the definition D — { P ^— -<P A T } . D is total with respect 
to the empty theory if and only if T is unsatisfiable. Thus we have found an instance 
of our decision problem that is equivalent to a co-NP-hard decision problem, namely 
unsatisfiability problem for propositional logic. 



6 Conclusions, related and further work 



We presented a deductive system for the propositional fragment of FO(ID) which 
extends the sequent calculus for propositional logic. The main technical results 



are the soundness and completeness theorems of LPC(ID). We also provide some 
complexity results for PC(ID). 

Related work is provided by Hagiya and Sakurai in |22| . They proposed to 
interpret a (stratified) logic program as iterated inductive definitions of Martin-L6f 
[30] and developed a proof theory which is sound with respect to the perfect model, 
and hence, the well-founded semantics of logic programming. A formal proof system 
based on tableau methods for analyzing computation for Answer Set Programming 
(ASP) was given as well by Gebser and Schaub [TB]. As shown in [35], ASP is 
closely related to FO(ID). The approach presented in [TB] furnishes declarative 
and fine-grained instruments for characterizing operations as well as strategies of 
ASP-solvers and provides a uniform proof-theoretic framework for analyzing and 
comparing different algorithms, which is the first of its kind for ASP. 

The first topic for future work, as mentioned in Section[ll is the development and 
implementation of a proof checker for MiniSat(ID). This would require more study 
on resolution-based inference rules since MiniSat(ID) is basically an adaption of 
the DPLL-algorithm for SAT [TOI5] . 

On the theoretical level, we plan to develop proof systems and decidable frag- 
ments of FO(ID). As mentioned in Section [1] FO(ID) is not even semi-decidable 
and thus, a sound and complete proof system for FO(ID) does not exist. Therefore, 
we hope to build useful proof systems for FO(ID) that can solve a broad class of 
problems and investigate subclasses of FO(ID) for which they are decidable. 
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